⚙️ Features

| Feature | Description |
| --- | --- |
| 🔍 KQL Query Automation | Runs customizable checks via Log Analytics API |
| 📋 Real-Time Markdown Logs | Easy-to-read GitHub Actions output |
| 📄 Styled HTML Report | Downloadable assessment report for customer sharing |
| 🔐 Secure Login | Uses Azure Service Principal credentials |
| 🧰 Plug-and-Play | Just configure secrets, add queries, and run |

🔍 Report Snapshot
📁 Repo Structure
.
├── scripts/
│ ├── generate-ms-sentinel-scout-report.ps1 # Main script to run checks and export HTML
│ └── kql-queries.txt # List of readiness queries with alias
├── .github/
│ └── workflows/Generate MS Sentinel Scout Report.yml # GitHub Actions workflow
└── README.md # You're reading it
🔐 Permission
The solution relies on a service principal with the Microsoft Sentinel Reader or Log Analytics Reader permission.
⚙️ How it Runs
Here is a sample report - https://github.com/samikroy/ms-sentinel-scout/blob/main/ms-sentinel-scout-report.html
Reach out to samik.n.roy@gmail.com for any queries.
⚙️ How you can run this
- Clone this repo
- Configure the repository secret based on your environment:
  https://github.com/samikroy/ms-sentinel-scout/settings/secrets/actions
- Review the schedule, then let the workflow run and generate the HTML report.
🧰 Got Ideas
Submit Here - https://github.com/samikroy/ms-sentinel-scout/issues

